62486077c608d09694b34e16e85ae0ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62486077c608d09694b34e16e85ae0ed_JaffaCakes118
Size

433KB
MD5

62486077c608d09694b34e16e85ae0ed
SHA1

1be0b93e1cdfac3d57aab3efcdcd4f7ce4fe5b95
SHA256

1859971ec87beed7c612871d015b98ff1d374859c115cdf4ddb06225aabfe6fb
SHA512

269205d4a33bb3731500ec4494b0d72418d72d82b4cd31a2a5e07d84273629f2a8a838c03173a8e1ef7a53ae000e76ac1496dde2af8faeff2b026405a9495fc1
SSDEEP

12288:9NlT/RBB0fFx9Ut3TS3fD1lfJ8YgokqwPmClb:1uNx9UtafhhJHFLwP/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62486077c608d09694b34e16e85ae0ed_JaffaCakes118

Files

62486077c608d09694b34e16e85ae0ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b0f3a1e8ea848c3f8389b4a484a80c7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExpandEnvironmentStringsW
CreateProcessW
VirtualQuery
SetLastError
WriteFile
RemoveDirectoryW
CreateDirectoryW
ExitProcess
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
CreateFileW
CloseHandle

gdi32

CreateFontA
DeleteObject
GetDeviceCaps
StartFormPage
GetBkColor

user32

IsCharAlphaW
IsCharAlphaNumericW
GetWindowTextLengthW
LoadStringW

setupapi

SetupCloseInfFile
SetupOpenInfFileW
SetupOpenLog
SetupDiGetDriverInfoDetailW
SetupLogErrorW
SetupCloseLog

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ